Apple's Safari far from hacker proof

By Antone Gonsalves on Mar 16, 2012 1:31 PM
Filed under Security

Patches nearly 83 critical vulnerabilities.

Apple's release this week of a patch fixing a record 83 vulnerabilities, nearly 90 percent critical, is proof the company's products are not impenetrable.

The fixes mostly involve the open-source WebKit browser engine at the heart of Safari and Google Chrome. The engine also drives browsers on iOS and Android.

Safari 5.1.4 repaired 72 critical glitches that exposed the browser to multiple attack options, including cross-site scripting, disclosure of cookies and arbitrary code execution. "There are a couple of takeaways from this, the first being that Apple products are 'hacker proof' is a myth," Marcus Carey, security researcher at Rapid7, said.

The second takeaway is the need to manage the use of Apple laptops, tablets and smartphones when connected to a corporate network.

"Even just allowing employees to install iTunes on their machines exposes the organisation to Safari/WebKit vulnerabilities," Carey said.

Most experts agree that Apple's Safari and Mac OS X is not any more secure than new versions of Microsoft Internet Explorer and Windows. The latter remains the number one target of hackers because of its much larger installed base and because cyber-criminals have more tools and code available to update malware for new attacks.

The Safari update followed by about a week a patch for 81 security flaws found in iOS, the operating system for the iPhone and iPad. In the Safari fix, Apple benefited from Google's Pwn2Own hacking contest, where several of the latest glitches were discovered this month.

This article originally appeared at crn.com

 
Follow us on Facebook and Twitter
 

Copyright © 2014 The Channel Company, LLC. All rights reserved.

Apple's Safari far from hacker proof
 
 
 
 
 
Top Stories
Datacom signs mega data centre deal with NextDC
Perth is first cab off the rank.
 
NewLease hires former MYOB and Oracle man as new CEO
Following death of co-founder Douglas Tutus.
 
Aussie firm aims to build 10,000-strong software army
Revolution IT banks on crowdsourcing to help win business.
 
Sign up to receive CRN email bulletins
   FOLLOW US...
Polls
Which mobile device couldn't you live without?


Latest Comments
CRN Magazine

Issue: 329 | July 2014

CRN Magazine looks in-depth at the emerging issues and developments for the channel, and provides insight, analysis and strategic information to help resellers better run their businesses.